[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#4449) incorrect bound check in connection_next()?
Full_Name: Pierangelo Masarati
Version: HEAD/re23
OS: irrelevant
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (81.72.89.40)
Submitted by: ando
I suspect there's an incorrect bound check in connection_next(), where *index
upper value is tested for < MCA_ARRAY_SIZE instead of <= dtblsize.
The patch below seems to address the issue, but I'd prefer a comment from
someone that's more familiar with that portion of code.
Thanks, p.
Index: servers/slapd/connection.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/servers/slapd/connection.c,v
retrieving revision 1.350
diff -u -r1.350 connection.c
--- servers/slapd/connection.c 8 Mar 2006 04:54:10 -0000 1.350
+++ servers/slapd/connection.c 25 Mar 2006 00:10:55 -0000
@@ -1075,7 +1075,7 @@
assert( connections != NULL );
assert( index != NULL );
- assert( *index >= 0 && *index < MCA_ARRAY_SIZE );
+ assert( *index >= 0 && *index <= dtblsize );
if( c != NULL ) ldap_pvt_thread_mutex_unlock( &c->c_mutex );